The log file will not be written in world-writableĭirectories there are no exceptions. The file being opened for logging is in a directory that does not exist, or When opening log files, proftpd will by default log a warning if May be able to overwrite the log itself with bogus data. If the logįiles themselves are writable (by a non- root user), then someone Root might overwrite that file with arbitrary data. If the logs directory is writable (by a non- root user), someoneĬould replace a log file with a symlink to some other system file, and then Do not give people write access to theĭirectory where the logs are stored without being aware of the consequences: It is oftenĮasier to simply post-process the log files to remove requests that you do notĪnyone who can write to the directory where ProFTPD is writing a log file canĪlmost certainly gain access to the UID that the server is started under, which Useful when they contain a complete record of server activity.
Mind the intended use of the logged data, the volume of data being logged,Īny post-processing that may need to be done, etc. When examining the different logging mechanisms, have in ProFTPD provides several different and flexing logging Logging the activity of the server is an integral part of effective serverĪdministration.
0 kommentar(er)
